@Alessio15 can you post what exclusion you did and has it worked? I've tried adding url exclusion for uri.cdn.office.net but it doesnt seem to be working.
I added the two CDNs in the exclusion list inside each active policy (Exclusions > All scans and shields > URL Addresses).
Originally I just added "cdn.office.net" hoping it will catch all the subdomains, but after 1 user reported that was still seeing the alert, I also added the two URLs, just to be sure:
https://uci.edog.cdn.office.nethttps://uci.cdn.office.netSo far no one told me that the alert appeared again, so looks like it has been resolved, but I wasn't able to replicate the issue on my machine, even before the exclusions, so I have no way to confirm this is the right way to proceed. So far no one else has complained about seeing the alert again, so seems resolved to me.
Hope this helps!